Searched for: +
(1 - 20 of 66)

Pages

document
Wu, L. (author), Won, Yoo-Seung (author), Jap, Dirmanto (author), Perin, G. (author), Bhasin, Shivam (author), Picek, S. (author)
The use of deep learning-based side-channel analysis is an effective way of performing profiling attacks on power and electromagnetic leakages, even against targets protected with countermeasures. While many research articles have reported successful results, they typically focus on profiling and attacking a single device, assuming that...
journal article 2024
document
Mariot, L. (author), Picek, S. (author), R Yorgova, R.A. (author)
One of the Round 3 Finalists in the NIST post-quantum cryptography call is the Classic McEliece cryptosystem. Although it is one of the most secure cryptosystems, the large size of its public key remains a practical limitation. In this work, we propose a McEliece-type cryptosystem using large minimum distance error-correcting codes derived from...
journal article 2023
document
Mercier, Arthur (author), Smolin, Nikita (author), Sihlovec, Oliver (author), Koffas, S. (author), Picek, S. (author)
Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still,...
journal article 2023
document
Picek, S. (author), Perin, G. (author), Mariot, L. (author), Wu, L. (author), Batina, Lejla (author)
Side-channel attacks have represented a realistic and serious threat to the security of embedded devices for almost three decades. A variety of attacks and targets they can be applied to have been introduced, and while the area of side-channel attacks and their mitigation is very well-researched, it is yet to be consolidated. Deep learning...
journal article 2023
document
Kerkhof, Maikel (author), Wu, L. (author), Perin, G. (author), Picek, S. (author)
Deep learning is a powerful direction for profiling side-channel analysis as it can break targets protected with countermeasures even with a relatively small number of attack traces. Still, it is necessary to conduct hyperparameter tuning to reach strong attack performance, which can be far from trivial. Besides many options stemming from the...
journal article 2023
document
Xu, J. (author), Abad, Gorka (author), Picek, S. (author)
Backdoor attacks have been demonstrated as a security threat for machine learning models. Traditional backdoor attacks intend to inject backdoor functionality into the model such that the backdoored model will perform abnormally on inputs with predefined backdoor triggers and still retain state-of-the-art performance on the clean inputs. While...
conference paper 2023
document
Xu, J. (author), Koffas, S. (author), Ersoy, Oǧuzhan (author), Picek, S. (author)
Graph Neural Networks (GNNs) have achieved promising performance in various real-world applications. Building a powerful GNN model is not a trivial task, as it requires a large amount of training data, powerful computing resources, and human expertise. Moreover, with the development of adversarial attacks, e.g., model stealing attacks, GNNs...
conference paper 2023
document
Li, H. (author), Rieger, Phillip (author), Zeitouni, Shaza (author), Picek, S. (author), Sadeghi, Ahmad Reza (author)
Federated Learning (FL) has become very popular since it enables clients to train a joint model collaboratively without sharing their private data. However, FL has been shown to be susceptible to backdoor and inference attacks. While in the former, the adversary injects manipulated updates into the aggregation process; the latter leverages...
conference paper 2023
document
Li, H. (author), Mentens, Nele (author), Picek, S. (author)
SHA-3 is considered to be one of the most secure standardized hash functions. It relies on the Keccak-f[1600] permutation, which operates on an internal state of 1600 bits, mostly represented as a 5 × 5 × 64-bit matrix. While existing implementations process the state sequentially in chunks of typically 32 or 64 bits, the Keccak-f[1600]...
conference paper 2023
document
Koffas, S. (author), Pajola, Luca (author), Picek, S. (author), Conti, M. (author)
This work explores stylistic triggers for backdoor attacks in the audio domain: dynamic transformations of malicious samples through guitar effects. We first formalize stylistic triggers – currently missing in the literature. Second, we explore how to develop stylistic triggers in the audio domain by proposing JingleBack. Our experiments confirm...
conference paper 2023
document
Wu, L. (author), Weissbart, L.J.A. (author), Krcek, M. (author), Li, H. (author), Perin, G. (author), Batina, Lejla (author), Picek, S. (author)
The efficiency of the profiling side-channel analysis can be significantly improved with machine learning techniques. Although powerful, a fundamental machine learning limitation of being data-hungry received little attention in the side-channel community. In practice, the maximum number of leakage traces that evaluators/attackers can obtain is...
journal article 2023
document
Carlet, Claude (author), Picek, S. (author)
We derive necessary conditions related to the notions, in additive combinatorics, of Sidon sets and sum-free sets, on those exponents $d \in \mathbb{Z}/(2^n - 1)\mathbb{Z}$, which are such that $F(x) = x^d$ is an APN function over $\mathbb{F}_{2^n}$ (which is an important cryptographic property). We study to what extent these new conditions may...
journal article 2023
document
Coello, Carlos Coello (author), Krcek, M. (author), Durasevic, Marko (author), Mariot, L. (author), Jakobovic, Domagoj (author), Picek, S. (author)
Evolutionary algorithms have been successfully applied to attack Physically Unclonable Functions (PUFs). CMA-ES is recognized as the most powerful option for a type of attack called the reliability attack. In this paper, we take a step back and systematically evaluate several metaheuristics for the challenge-response pair-based attack on...
conference paper 2023
document
Perin, G. (author), Wu, L. (author), Picek, S. (author)
The adoption of deep neural networks for profiling side-channel attacks opened new perspectives for leakage detection. Recent publications showed that cryptographic implementations featuring different countermeasures could be broken without feature selection or trace preprocessing. This success comes with a high price: an extensive...
journal article 2023
document
Koffas, S. (author), Xu, J. (author), Conti, M. (author), Picek, S. (author)
This work explores backdoor attacks for automatic speech recognition systems where we inject inaudible triggers. By doing so, we make the backdoor attack challenging to detect for legitimate users and, consequently, potentially more dangerous. We conduct experiments on two versions of a speech dataset and three neural networks and explore the...
conference paper 2022
document
Wu, L. (author), Perin, G. (author), Picek, S. (author)
In the last decade, machine learning-based side-channel attacks have become a standard option when investigating profiling side-channel attacks. At the same time, the previous state-of-the-art technique, template attack, started losing its importance and was more considered a baseline to compare against. As such, most of the results reported...
journal article 2022
document
Aiolli, Fabio (author), Conti, M. (author), Picek, S. (author), Polato, M. (author)
Nowadays, online services, like e-commerce or streaming services, provide a personalized user experience through recommender systems. Recommender systems are built upon a vast amount of data about users/items acquired by the services. Such knowledge represents an invaluable resource. However, commonly, part of this knowledge is public and can...
journal article 2022
document
Cardaioli, Matteo (author), Cecconello, S. (author), Conti, M. (author), Milani, Simone (author), Picek, S. (author), Saraci, Eugen (author)
Automated Teller Machines (ATMs) represent the most used system for withdrawing cash. The European Central Bank reported more than 11 billion cash withdrawals and loading/unloading transactions on the European ATMs in 2019. Although ATMs have undergone various technological evolutions, Personal Identification Numbers (PINs) are still the most...
conference paper 2022
document
Knezevic, Karlo (author), Jakobović, Domagoj (author), Picek, S. (author), Ðurasević, Marko (author)
The choice of activation functions can significantly impact the performance of neural networks. Due to an ever-increasing number of new activation functions being proposed in the literature, selecting the appropriate activation function becomes even more difficult. Consequently, many researchers approach this problem from a different angle, in...
journal article 2022
document
Krcek, M. (author), Ordas, Thomas (author), Fronte, Daniele (author), Picek, S. (author)
We consider finding as many faults as possible on the target device in the laser fault injection security evaluation. Since the search space is large, we require efficient search methods. Recently, an evolutionary approach using a memetic algorithm was proposed and shown to find more interesting parameter combinations than random search, which...
conference paper 2022